Privacy Policy

Introduction

 

We, at Crackle Technologies PTE Limited (hereinafter referred to as ‘Crackle’, or ‘We’, or ‘Us’, or ‘Our’ or ‘Company’), are the data controller responsible for the processing of Your personal data. As a data controller, We determine the purposes and means of the processing of personal data and are committed to ensuring that Your data is processed in accordance with applicable data protection laws. We know that you as a user (hereinafter referred to as ‘You’, ‘Your’, ‘User(s)’, ‘Customer(s)’, ‘Member(s)’) care about how Your personal information is used and shared, and We take Your privacy seriously. Please read the following to learn more about Our privacy policy (“Privacy Policy”). By visiting or using Our website (www.crackle.tech) and domain name, and any other linked pages, features, content, mobile applications, or any other services or products We offer from time to time in connection therewith (collectively, the ‘Platform’), or by using the services / products in any manner, You acknowledge that You accept the practices and policies outlined in this Privacy Policy, and You hereby consent to the collection, usage, and sharing of Your information in the following ways.

 

We participate in the IAB Global Privacy Platform (“GPP”) and honour the privacy signals transmitted through the GPP framework, including the GPP consent string. We are committed to processing personal data in accordance with applicable data protection and privacy laws. This document is set out in accordance with Section 21 of Personal Data Protection Act, 2012, Articles 5, 6, 12, 13 and 14 of the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“EU GDPR”), the UK General Data Protection Regulation as retained under the Data Protection Act 2018 (“UK GDPR”), the California Privacy Rights Act (“CPRA”), the Children’s Online Privacy Protection Act and its implementing Rule (“COPPA”), and LGPD; Lei 13709 / 2018. This Privacy Policy is an electronic record in accordance with the provisions of Electronic Transactions Act, 2010 and rules framed thereunder as applicable and the provisions pertaining to electronic records in various statutes as amended by Electronic Transactions Act, 2010. This is an electronically generated document and does not require any physical or digital signatures. This document shall act as a binding agreement between Crackle and You in relation to the services/products being made available/provided by Crackle. The access to or use of Our Platform shall be indicative of Your unfettered consent to bind Yourself to this Privacy Policy. The Company reserves the right to update and modify the Privacy Policy at any time, without prior notice to the User. It is the responsibility of the User to be informed about the revised version of the Privacy Policy. By continuing to access or use the Platform, the User agrees to be bound by the updated Privacy Policy.

 

PLEASE ENSURE THAT YOU READ AND UNDERSTAND ALL THE CLAUSES BEFORE OPTING TO AVAIL ANY SERVICE OR EXTEND YOUR USE OF THIS PLATFORM AS THE PROVISIONS OF THIS PRIVACY POLICY WILL BE BINDING ON YOU WITHOUT ANY RESERVATIONS. If You do not wish to enter into this Agreement, We would suggest not moving forward with the usage of Our Platform.

Data Controller Information

 

The data controller is:

  • Crackle Technologies PTE Limited

  • Postal address: 200 Jalan Sultan, #11-01, Textile Centre, Singapore 199018

  • Email: corporate@crackle.tech

As data controller, We are responsible for deciding how and why Your personal data is processed. If You have any questions about how We process Your personal data, or if You wish to exercise any of Your data protection rights, please contact Us using the details above or contact Our Data Protection Officer as set out below.

 

What does this privacy policy cover?

 

This privacy policy covers Our treatment of personal information (‘Personal Information’) that We gather when You access or use Our Platform and through Uniform Resource Locator links (URLs) that We host on Our servers. This policy does not apply to the practices of companies that We do not own or control, or to individuals that We do not employ or manage, save and except for such entities whose privacy policy explicitly mentioned Our collection of Your personal data.

 

Who does the privacy policy impact?

 

This Privacy Policy impacts all Our Users. However, this Privacy Policy impacts users differently based on whether they live in Singapore or outside Singapore. Our website and URLs can be accessed anywhere.

 

For users registering / purchasing / participating in Our programs, We collect the following details: Full name, mobile number, email id, education details and other details as per the different services provided on Our Platforms. We collect this information to revert to You in respect of Your specific requirements, when You apply for a job with Us and as a means of communication between You and Us. We also collect information pertaining to the specific services that You are looking to avail from Us.

 

What information does Crackle collect?

 

We gather various types of personal information from Our users, as explained in detail below. We may use this personal information to personalize and improve Our services, to allow Our users to set up a user account and profile, to fulfil requests for certain products and services, to analyse how users utilize the Platform and/or other products and services rendered by Crackle, and as otherwise set forth in this Privacy Policy. We may share certain types of personal information with third parties, however, in such a situation, You will also be covered under the privacy policy of the third party with whom We are providing the information to. We collect the following types of information:

 

Information You provide to Us:

 

Name, Email address, Phone number, Your Education details or other work experience, Company name and address, Your bank account details, Your product details (eg app store links or bundle ids of Your mobile applications, Your Company’s customer or user details (country and estimates of daily active users) and Your current ad monetisation products (mediation platform).

 

We receive and store any information You knowingly provide to Us. For example, We collect personal information such as Your name, personal email address, corporate email address, residence and office address, bank details (for Your payments), educational qualifications (when You apply for a job with Us). We may collect other information as Our services and products are further developed. You can choose not to provide Us with certain information, but then You may not be able to register with Us or to take advantage of Our products / services.

 

In the course of providing our adtech services, we may collect and process the following categories of personal data:

  • Device and Technical Data: This includes IP addresses (which may be truncated or hashed depending on applicable legal requirements), device identifiers (such as advertising IDs, cookie IDs, and similar persistent identifiers), browser type and version, operating system, device type, screen resolution, language preferences, and time zone settings.

  • Online Activity Data: This includes information about interactions with digital advertisements and content, such as pages visited, advertisements viewed or clicked, search queries, referring and exit URLs, and browsing behaviour across websites and applications that use our technology.

  • Location Data: We may collect geolocation data, such as GPS coordinates, derived from IP addresses or similar technical signals.

  • Inference and Audience Data: We may generate inferences and audience segments based on the data described above for the purpose of delivering relevant advertising. These inferences may relate to likely interests, preferences, or demographic characteristics.

  • Client-Provided Data: Our Clients may provide us with personal data, such as hashed email addresses, customer identifiers, or audience lists, for the purposes of audience matching, campaign targeting, and measurement. We process such data in accordance with our agreements with those Clients and their instructions.

Information collected automatically:

 

Whenever You interact with Our Platform, We automatically receive and record information mentioned below on Our server logs:

  • IP address

  • Location

  • Cookie

  • Advertising IDs (such as DeviceID/IDFA/GAID/Amazon FOSAID)

  • User Agent

  • Device make, model, and operating system

  • Device properties related to screen size, orientation, audio, battery, device memory usage, settings, and boot time and other hardware related information

  • Device settings related to accessibility features, font size, and theme

  • Carrier

  • Name and properties of mobile application through which a consumer interacts with the Services

  • Country, time zone, and locale settings (country and preferred language)

  • City- and/or country-level or other geolocation data

  • Network connection type and speed

  • Internet browser user-agent used to access the Services

  • HTTP header information

  • Vendor IDs (IDFV)

  • App Set IDs

  • Advertising and tracking preferences and restrictions

  • Session Durations

  • Session Activities

  • Logs Information

We may obtain additional information about You from third parties such as marketers, partners, researchers, and others. We may combine information that We collect from You with information about You that We obtain from such third parties and information derived from any other subscription, product, or Service We provide.

When We collect usage information (such as the numbers and frequency of visitors to the Platform), We only use this data in aggregate form, and not in a manner that would identify You personally. For example, this aggregate data tells Us how often users use parts of the Platform, so that We can make Our Platform perform better. We may also provide this aggregate information to Our partners; Our partners may use such information to understand how often people use Our Platform, so that they, too, can provide better performance and experience. We never disclose aggregate information to a partner in a manner that would identify You personally, without Your consent.

If You are using Our products and/or services, You understand and acknowledge that, any information, data or readings from such products and/or services, or collected from Your use thereof, will be automatically uploaded to Your account with Us. To the extent these automatically collected readings can be used to personally identify You, these readings are personal information for the purposes of this privacy policy.

Lawful Bases for Processing

 

Under the EU GDPR and UK GDPR, We are required to identify a lawful basis for each processing activity We carry out in relation to Your personal data. The lawful bases upon which We rely are as follows:

  • Consent: Where You have given Us clear, informed, and unambiguous consent to process Your personal data for a specific purpose. You have the right to withdraw Your consent at any time by contacting Us at corporate@crackle.tech. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

  • Performance of a contract: Where the processing of Your personal data is necessary for the performance of a contract to which You are a party, or in order to take steps at Your request prior to entering into a contract. This includes processing carried out to provide Our services and products to You, to manage Your account, and to process payments.

  • Legitimate interests: Where the processing is necessary for the purposes of the legitimate interests pursued by Crackle or by a third party, except where such interests are overridden by Your interests or fundamental rights and freedoms. Our legitimate interests include operating, maintaining, and improving Our Platform and services; ensuring the security and integrity of Our Platform; communicating with You about Our services; and conducting analytics to understand how Our Platform is used.

  • Legal obligation: Where the processing of Your personal data is necessary for compliance with a legal obligation to which We are subject.

What are Your rights?

 

Your rights as a User include the following. Please note that certain rights may vary depending on the jurisdiction in which You reside:

  • Right to be informed: You have the right to be informed about how We collect and use Your personal data, including the purposes of processing, the legal bases relied upon, the retention periods, and with whom Your data is shared.

  • Right of access: You have the right to request a copy of the personal data We hold about You, together with information about how and why We process it (a “subject access request”).

  • Right to rectification: You have the right to request that We correct any inaccurate personal data We hold about You, or complete any incomplete personal data.

  • Right to erasure: You have the right to request that We delete Your personal data in certain circumstances, for example where the data is no longer necessary for the purpose for which it was collected, or where You withdraw Your consent.

  • Right to restriction of processing: You have the right to request that We restrict the processing of Your personal data in certain circumstances, for example where You contest the accuracy of the data or where You object to processing based on legitimate interests.

  • Right to data portability: You have the right to receive the personal data You have provided to Us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance.

  • Right to object: You have the right to object to the processing of Your personal data where We are relying on legitimate interests as a lawful basis, or where We are processing Your data for direct marketing purposes. Where You object to processing for direct marketing purposes, We will cease such processing without delay.

  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You, unless such processing is necessary for entering into or performing a contract, is authorised by law, or is based on Your explicit consent.

  • Right to lodge a complaint: You have the right to lodge a complaint with the relevant supervisory authority after exhausting Our grievance redressal mechanisms.

  • Opt-Out Mechanisms: You may opt out of interest-based advertising by adjusting the settings on your device (for example, by resetting your advertising identifier), by using the opt-out tools provided by industry self-regulatory bodies such as the Digital Advertising Alliance (DAA), the Network Advertising Initiative (NAI), or the European Interactive Digital Advertising Alliance (EDAA), or by enabling the Global Privacy Control signal in your browser.

Rights under COPPA:

 

Parents and legal guardians of children under the age of 13 have the right to review the personal information We have collected from their child, to request that We delete such information, and to refuse to permit further collection or use of their child’s information. To exercise these rights, parents or guardians may contact Us at corporate@crackle.tech.

 

Rights under US state privacy laws (including the CPRA and GPP frameworks):

 

  • The right to know what personal information is collected, used, shared, or sold;

  • The right to delete personal information held by Us;

  • The right to opt out of sharing of personal information;

  • The right to non-discrimination for exercising Your privacy rights; and

  • The right to correct inaccurate personal information.

To exercise any of the above rights, please contact Us at corporate@crackle.tech. We will respond to Your request within the timeframes required by applicable law. We may ask You to verify Your identity before processing Your request.

GPP Compliance and Consent Management

 

We are a registered participant in the IAB Global Privacy Platform. The GPP provides a standardised mechanism for encoding and transmitting user privacy preferences and consent signals across jurisdictions. We process the GPP consent string received in connection with each advertising transaction and honour the preferences expressed therein.

  • Multi-Jurisdictional Signals: The GPP consent string may encode privacy signals applicable under multiple regulatory frameworks, including but not limited to the IAB TCF (for EEA and UK), the US National Privacy Section, and individual US state privacy sections (such as those for California, Virginia, Colorado, Connecticut, and other states with applicable privacy legislation). We parse and apply the relevant section of the GPP string corresponding to the jurisdiction of the individual.

  • Honouring Opt-Out Signals: Where the GPP string indicates that an individual has opted out of the sale or sharing of personal data, targeted advertising, or profiling, we will cease processing that individual’s personal data for those purposes. We also honour the Global Privacy Control (“GPC”) signal as an opt-out of the sale or sharing of personal data where required by applicable law.

  • CMP Reliance: We rely on our Clients and their CMPs to provide accurate and valid GPP consent strings. We process personal data in accordance with the consent and preference information conveyed through the GPP string and do not independently verify whether the underlying consent was lawfully obtained by the CMP or publisher.

Who can access Crackle products and services?

 

Individuals over 13 years old can access Our Platform and services. We do not knowingly collect personal information from children under 13 without verifiable parental consent as required by COPPA.

Companies registered anywhere in the world can access Our corporate solutions / services.

We ask that anybody under the age of 13 ask and get verifiable permission from a parent or guardian before using Our Services. You hereby represent and warrant that You are at least 13 years old, or that You are using Our Services offered with the verifiable consent and involvement of a parent or guardian. If You are under the age of 13, You must immediately leave this site. Any information We learn a child under 13 has provided to Us without verifiable parental consent will be deleted as soon as reasonably practicable. Please get in touch at corporate@crackle.tech if You learn We have collected or received personal data from a child under the age of 13 without proper parental consent.

What channels will Crackle use to provide its products and services?

 

We will primarily employ Our website, Our dashboard and Our applications or platforms. For a few services, We would also employ third party applications like digital marketing or social media platforms.

Internet bandwidth is a prerequisite to access many of Our services. We will not be held liable for slow / non-response of Platform / Our services / third party services due to slow / patchy internet services.

How will Crackle use the information it collects?

 

We will only use Your information in certain ways and for certain purposes, as stated in this Privacy Policy. The specific purposes for which We process Your personal data include, but are not limited to:

  • Providing, maintaining, and improving Our Platform and services;

  • Managing Your account and fulfilling contractual obligations;

  • Processing payments and transactions;

  • Communicating with You about Your use of the Platform, including service-related announcements;

  • Responding to Your enquiries and providing customer support;

  • Personalising Your experience on Our Platform;

  • Conducting analytics and research to improve Our services;

  • Ensuring the security and integrity of Our Platform;

  • Complying with legal obligations and enforcing Our terms; and

  • Sending You marketing communications, where You have consented to receiving them or where We are otherwise permitted to do so by law.

Without Your consent, We will not share, sell, or divulge any information that identifies You to any third party.

Payment processing, email automation, app diagnostics, analytics, advertisements and other services are some of the many areas where We rely on third-party service providers. Therefore, some of these third-parties may handle Your personal data. Where We engage third-party processors, We ensure that appropriate data processing agreements are in place requiring such processors to process Your data only on Our instructions and in accordance with applicable data protection law.

We may release personal data to establish, exercise, or defend Our legal rights. Information may also be disclosed if We determine that such disclosure is required to investigate, prevent, or take action related to possible fraud, illegal activity, or violations of Our conditions.

In the event of a business sale, merger, acquisition, consolidation, asset sale, reorganisation, or similar event, We may disclose Your personal information to the acquiring, merging, or surviving entity. Where required by applicable law, We will notify You of any such transfer and the legal basis upon which it occurs. Your privacy and the security of Your data are of the utmost importance to Us, and We will never compromise either.

 

Additional Purposes of Processing

 

Additionally, we process personal data for the following purposes:

  • Delivering and Optimising Digital Advertising: We process personal data to facilitate the delivery, targeting, personalisation, and optimisation of digital advertising campaigns on behalf of our Clients. This includes selecting and serving advertisements that are likely to be relevant to users based on inferred interests and preferences.

  • Measurement, Analytics, and Reporting: We process personal data to measure the effectiveness of advertising campaigns, including tracking impressions, clicks, conversions, and other performance metrics. We provide our Clients with aggregated and, where applicable, non-aggregated reports relating to campaign performance.

  • Frequency Capping: We process personal data to limit the number of times a particular advertisement is shown to the same user within a specified period.

  • Fraud Detection and Prevention: We process personal data to detect and prevent invalid traffic, advertising fraud, and other malicious or unauthorised activity within the digital advertising ecosystem.

  • Maintaining and Improving Our Services: We process personal data to maintain, troubleshoot, and improve the performance, security, and functionality of our technology platform and services.

  • Compliance with Legal Obligations: We process personal data as necessary to comply with applicable laws, regulations, and legal processes, and to respond to lawful requests from public authorities.

     

International Data Transfers

 

As Crackle is based in Singapore, Your personal data may be transferred to, and processed in, countries outside of Your country of residence, including countries outside the EEA and the UK. Such countries may not provide the same level of data protection as the laws of Your country of residence.

Where We transfer personal data from the EEA or the UK to a country that has not been deemed to provide an adequate level of data protection, We will ensure that appropriate safeguards are in place in accordance with the EU GDPR and UK GDPR. Such safeguards may include the use of Standard Contractual Clauses approved by the European Commission or the UK Secretary of State (as applicable), binding corporate rules, or any other transfer mechanism permitted by applicable law. You may request a copy of the relevant safeguards by contacting Us at corporate@crackle.tech.

 

Data Retention

 

We will retain Your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, We consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which We process the data, whether We can achieve those purposes through other means, and any applicable legal requirements.

Where We no longer need to process Your personal data for the purposes set out in this Privacy Policy, We will delete or anonymise Your data. If deletion or anonymisation is not possible (for example, because Your personal data has been stored in backup archives), We will securely store Your personal data and isolate it from any further processing until deletion is possible.

 

E-mail and other communications

 

We may contact You, by email or other means; for example, We may communicate with You about Your use of the Platform. Also, We may receive confirmation when You open an email from Us. This confirmation helps Us make emails more relevant for You and improve Our services.

 

Is personal information about me secure?

 

Our Platform is equipped with standard security features to protect the confidentiality and security of Your information. We shall maintain and implement reasonable and appropriate security procedures consistent with prevailing industry standards and all applicable laws to protect personal data from any unauthorized access or use. We shall maintain adequate physical controls and protections for any server or system on which any data may reside, encrypt any data that is in transmission, and encrypt any data located on any storage media.

However, as effective as encryption technology is, no security system is impenetrable. We cannot guarantee the security of Our database, nor can We guarantee that information You supply will not be intercepted while being transmitted to Us over the internet. Any transmission of information by You to Our Platform or otherwise is at Your own risk. In the event of a personal data breach, We will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with Article 33 of the EU GDPR and the corresponding provisions of the UK GDPR. Where the breach is likely to result in a high risk to Your rights and freedoms, We will also notify You without undue delay in accordance with Article 34 of the EU GDPR and the corresponding provisions of the UK GDPR. We will use diligent efforts to promptly remedy and prevent any continuation or recurrence of any unauthorised access or use.

Our Platform may contain links to other sites and other services. We are not responsible for the privacy policies and/or practices on other sites or apps. When following a link to another site You should read that site’s / app’s privacy policy.

 

What personal information can I access?

 

Through Your account settings, You may access, and, in some cases, edit or delete the following information You have provided to Us. The information You can view and update may change as the Platform changes. Please note that any information that is automatically uploaded from a product to the Platform, or collected otherwise from You by Us, cannot be later changed or updated.

We will redress Your grievances and concerns surrounding usage of services within specified timelines as per applicable law. If You have any questions about viewing or updating information We have on file about You, or if You wish to raise any complaint/grievances, please contact Us at corporate@crackle.tech or reach out to Our Grievance Officer / Data Protection Officer, whose contact information is detailed below:

In accordance with the EU GDPR and UK GDPR, We have appointed a Data Protection Officer (“DPO”) who is responsible for overseeing Our data protection strategy and ensuring compliance with applicable data protection laws. If You have any questions about this Privacy Policy, about how We process Your personal data, or if You wish to exercise any of Your data protection rights, please contact Our DPO using the details below:

  • Name: Jaivir Singh Nagi

  • Email: corporate@crackle.tech

  • Postal address: 200 Jalan Sultan, #11-01, Textile Centre, Singapore 199018

Deleting Your profile and information

 

You can always opt not to disclose information to Us, but keep in mind some information may be needed to register with Us or to take advantage of some of Our Platform features. We will retain Your personal information only for as long as is necessary to fulfil the purposes set out in this Privacy Policy, or as long as the law requires. If You would like Us to delete/modify information that You have provided via the Platform or otherwise to Us, please contact Us at corporate@crackle.tech and We will respond within the timeframes required by applicable law. You may be able to add, update, or delete information as explained in the section above. When You update information, however, We may maintain a copy of the unrevised information in Our records. Please note that some information may remain in Our private records after deletion of such information from Your account. We may use any aggregated data derived from or incorporating Your personal information after You update or delete it, but not in a manner that would identify You personally.

 

Changes to this privacy policy

 

We may amend this privacy policy from time to time. Use of information We collect now is subject to the privacy policy in effect at the time such information is used. If We make changes in the way We use personal information, We will notify You by posting an announcement on Our Platform or by sending You an email. Where required by applicable law, We will seek Your consent before making material changes to how We process Your personal data. You are bound by any changes to the privacy policy when You use the Platform or the Product after such changes have been first posted.

 

Limitation of liability

 

We value Your trust in providing Us Your personal information, thus We will use commercially acceptable means of protecting it. But no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and We cannot guarantee its absolute security. You agree and acknowledge that We will not be liable for any claims in relation to the use of the App / website / URL, including but not limited to (a) Your inability to access or use the App / website / URL or the services; (b) the failure of the App / website / URL or the services to accurately identify persons in Your proximity; (c) any unauthorised access to Your information or modification thereof; (d) behaviours of others on Our platform. If You have any concerns or questions in relation to this policy, please address them to corporate@crackle.tech.